SUMMARY:

• 7 years of professional experience in Network Designing, Deployment, Configuring, Troubleshooting and testing of networking system and networking administering.
• Experience in implementing, maintaining and troubleshooting L2 switching tasks such as
• VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, Ether channel using LACP and PAgP, Inter - Vlan routing, CEF and DCEF.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP).
• Proficient hands on experience in configuration & troubleshooting of routing protocols and deployment of OSPF, EIGRP, BGP and Policy routing on Cisco Routers.
• Good knowledge in configuring and troubleshooting Exterior Gateway protocols such as BGPv4 including internal BGP (iBGP) and external BGP (eBGP).
• Experienced working with virtualization/cloud providers AWS, Vagrant, Open stack.
• Experienced in Load balancing Citrix components using Citrix NetScaler 11.0/11.1.
• Deploying and operating complex DMVPN with High availability, scalability and security.
• Strong hands on experience on ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Good knowledge of CISCO firewalls, CISCO PIX and ASA 5500 series, Palo Alto Firewalls.
• Hands on experience on the Palo Alto firewall platforms PA-7050, PA-5050, PA-2000 series, PA-200, PA-500.
• Experience in Juniper Firewalls, Cisco ASA, Checkpoint firewalls, Palo Alto Firewalls, SSL VPN, Cisco Nexus Cisco ACS, Cisco ISE, IPS, and Microsoft TMG.
• Completed Firewall migration from Juniper Netscreen to new R77.20 checkpoint firewall.
• Experience in Juniper Firewalls, Cisco ASA, Checkpoint firewalls, Palo Alto Firewalls, SSL VPN, Cisco
• Experience in TCP/IP Protocol Suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP, DNS, DHCP, HTTP, HTTPS, SSH, SMTP, NTP)
• Implement and maintain vmware esxi 6 Server, Active Directory, DHCP, DNS and Proxy Services on 2008 R2, 2012 Server environmen
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500, with creating object groups and network based rules for implementation, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Hands on experience in full stack deployment of networking issues, securing the router and troubleshooting them.
• Knowledge of different types of VoIP deployments - Legacy, Virtualized and Cloud Based Solutions
• Working with NELCO LIMITED (TATANET VSAT) as a NETWORK ENGINEER (NOC)
• Experience in Supporting and troubleshooting Checkpoint (R77 Gaia, R75.40, R70, R65, Provider-1, MDM/MDS, VSX, SPLAT and IPSO) Juniper (SRX, JUNOS, Screen OS, Net Screen SSG, SPACE and NSM) and Cisco firewall (ASA 5550, 5540, 5520, PIX 525, 535, CSM and ASDM) technologies.
• Working knowledge of AWS IAM Services: IAM Policies, Roles, Users, Groups, AWS Access Keys and Multi Factor Authentication.
• Familiarity with Citrix Presentation Server 4.5, Citrix XenServer and Citrix NetScaler.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K,7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900,9300,9500 series switches.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA.
• Experience in configuring all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Excellent in deploying, configuring and managing OpenStack projects like Keystone, Nova, Swift, Cinder, Neutron, Ceilometer, etc.
• Worked on Nexus platform 7010, 5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and Fabric Path and successfully implemented Virtual Stack Switching on the Cisco catalyst switches.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Experience in Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, Palo Alto, Fortigate GUI and Shell.
• Hands on experience on F5 BIGIP LTM 11.2, F5 BIGIP GTM, F5 BIGIP APM.
• Implement Identity and security requirements on AWS.
• Support of Palo Alto Networks PA-Series Firewalls/ PAN-OS Platform.
• Configured and optimization settings of Riverbed Steelhead.
• Plenty of Hands on implementation IWAN technology.
• Helping the customers migrate towards IWAN.
• Strong understanding of Software defined networking (SDN), virtualization concepts
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, Palo Alto, Fortigate GUI and Shell.
• Knowledgeable in the Microsoft Office Suite, to include creating network/layout diagrams in Visio and detailed data analysis using Excel.
• Hands and in depth understanding of LINUX commands and experience with Cisco IOS, NX-OS.
• Working with Cisco for opening TAC Case and resolving issues to meet project deadlines.
• Working knowledge with monitoring tools like Solar Winds & network packet capture tools like Wire-shark.
• Well versed with scripting like Python, Bash and SHELL and hands on experience in Linux OS.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools

TECHNICAL SKILLS:

Routers: 7200, 3800, 3600, 2800, 2600, 2500, 1800

Cisco Switches: 2900, 3500, 4000, 4500, 5000, 6500, 9300,9500,Nexus 2K,5K,7K and 9K

Routing Protocols: Understanding of RIP, OSPF, EIGRP, and BGP, IS-IS, Redistribution, Static Routing, Route Filtering.

Network Security: Understanding of VPN, RADIUS, 802.1x, Port Security, and Firewalls, Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security.

LAN Protocols: VLAN, VTP, Inter-vlan routing, VxLAN, ISL, dot1q, STP, RSTP, PVST, HSRP, GLBP, Ethernet, Port security.

WAN Technologies: Frame Relay, MPLS, PPP, HDLC, X.25, E1/T1/DS1/DS3, Optimizers, Riverbed

Firewalls: Cisco ASA 5500,5540, Palo Alto (PA-2k, PA-3k, PA-5k)

Load Balancers: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800.

Services: Done configuration for AWS, VLANs, STP, SNMP, DMZ and redundancy protocol (HSRP & VRRP)

Scripting: Microsoft Active directory, Python, PowerShell, BASH

PROFESSIONAL EXPERIENCE:

Confidential - Bronx, NY

SR Network Engineer

Responsibilities:

• Experience with Network Redesign for Company Campus Locations and Moving from 6500 based Data Center to Nexus based Data Center.
• Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) & MP-BGP.
• Experience with design and configure Fiber Channel over Ethernet (FCoE) on Cisco Nexus 5548 devices.
• Configure, upgrade and administer Citrix Netscaler MPX
• Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
• Manage the daily operations of the outside fiber plant including engineering, permitting, contracting, designing and maintenance of new buildings and existing fiber facility relocation.
• Experience with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP.
• Perform Lab and Production based testing to ensure robust service for core and add-on features of VoIP deployment
• Configured and Maintained HP tipping Point IPS 2500 devices using SMS servers.
• Configuration & Troubleshoot LAN /WAN Network, Motorola, Cisco, RedMax, ZYXEL Acess Point.
• Responsible for planning, design, implementation, operation snd deployment of VMware NSX virtual network environment.
• Analyze the packet captures via Infinistream and Wireshark then forward the findings to the appropriate tier 3 group.
• Worked with installation and support of LINUX (RedHat, CentOS), UNIX and VM.
• Providing LAN/WAN (T1 connections, fiber) network support, wireless network (Wireless LAN controller, Cisco WAP), and local Site and Data Center Server Support.
• Installed and configured FirePOWER services module on an ASA 5525 Active/Standby platform.
• Utilize VMware vSphere to create and configure VMs for both Cisco ASAv5 virtual firewalls and Cisco FirePOWER management VM.
• Responsible for design and development of complex outside plant (OSP) fiber equipment installations, modifications and upgrades
• VMWare NSX management in the private cloud disaster recovery datacenter.
• Primarily responsible for providing efficient and effective problem identification and resolution for MassDOT end users, including answering questions, providing advice, troubleshooting, and assisting customers in solving technology related problems.
• Collaborate with team members to effectively manage all security appliances monitor traffic utilizing Symantec DLP, McAfee EPO / VSE, web gateway, and Palo Alto firewalls.
• Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas.
• Administration of Checkpoint, Palo Alto and Juniper Firewalls at multiple properties.
• Maintain fiber splice records, network topography records and fiber mapping and as-builts in corporate inventory systems.
• Design, document, and support end-to-end networking solutions to support global deployment services including Global backbone and Data Center. High Availability Technologies: HSRP, VRRP, VSS and vPC. Protocols: OSPF, BGP, EIGRP.
• VMWare ESX 6 Vsphere management in the on prem data center as well as the disaster recovery datacenter.
• Provide VoIP platform wide support ranging from End User issues, interbranch connectivity issues to PSTN connectivity issues.
• Configured, upgraded and performed maintenance on FortiGate Firewalls (100D and 300D).
• Responsible for firewall rule set migration from Cisco ASA to newly implemented Palo Alto.
• Responsible for implementing firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto Firewalls. Extensive Packet level debugging and troubleshooting on Palo Alto Fire wall.
• Technology router, BUC, LNB, Reflector, Feed, Azimuth, Elevation, VSAT Antenna alignment)
• Working with Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Troubleshoot and repair/replace Cisco network equipment (Switches, Routers, Wireless, Ethernet, Fiber Convertors, Network Appliances)
• Installation of Checkpoint OS R80.10 Gaia on checkpoint appliances 4400 and Smart 1 for testing before upgrading the production firewalls.
• GIT, Jenkins, Docker, on Build server Linux machine.
• Jenkins configuration, setup, new jobs creation, GIT branch creation using Maven scripts (pom).
• Configuring rules and maintaining Palo Alto firewalls & analysis of firewall logs using various tools.
• Configured and supported Cisco ASA Firewalls for PCI/PII security as well as IPsec VPN connections.
• Implement public cloud and deploy to AZURE, AWS, EC2: SSO, AD, ADFS, ADLDS (FDS), CA/CLM, FIM, P-Synch, Secure Email, SecurID, SSL Encryption and CSR decoder. Manager (FIM), Microsoft Desktop Optimization Pack (MDOP).
• Backup and restore proxy configuration and Perform upgrade on bluecoat proxy SG to keep and update Bluecoat web filter database locally
• Knowledge of OSI 7 Layer Model, TCP/IP, DNS, DHCP.
• 24x7 monitoring of Voice Infrastructure globally (IPT, BT, NEO, Radar); through incident management, troubleshooting, escalation, restoration.
• Administered and maintained Cisco ASA, Juniper and Checkpoint Firewalls
• Completed Firewall migration from Juniper netscreen to new R77.20 checkpoint firewall.
• Centrally managed all Palo Alto Firewalls using Palo Alto Panorama M-100 management server.
• Implementing brand new Cisco ASA Firewalls with updated Security Policies.
• Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backup.
• Management Server (SMS) /System Center Configuration Manager (SCCM), Forefront Identity Manager (FIM), Point of Sale (POS), MS SQL Server, Microsoft Cluster Server, Microsoft Desktop Optimization Pack (MDOP).
• Designing and implementing routing/switching protocols in complex environments including BGP, OSPF, and EIGRP.
• Intelligent WAN, team delivering IWAN solutions for enterprise customers to reduce OPEX. Enterprise customers are adopting IWAN and it is getting a lot of traction. Played a Challenging role to get the solution out to cisco customers as oppose to features and Interacted with several customers and helping them migrate to IWAN.
• Preparing Weekly, monthly network outage Statistics reports and sharing to Field team to improve the QOS
• Experience in developing Cloud Formation Scripts for AWS Orchestration.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
• Successfully replaced Juniper and Cisco Firewall with Checkpoint R77.30.
• Managed load balancing traffic on Citrix NetScaler. Gained understanding of web Interface, Citrix Access Gateway and NetScaler configuration.
• Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
• Experience in Cisco IDS/IPS, Cisco PIX … ASA 5520, 5540, 5550, Checkpoint NGX R65, R70, R75, R77 Gaia, VSX, Provider-1/MDM/MDS, SPLAT, Nokia IPSO, Juniper Netscreen Firewall, Juniper SRX, Snort IDS, Syslog analysis and Windows/Linux/Unix Security configurations.
• Responsible for Cisco ASA firewall administration with classifying different security zones, Creating policies and Object groups for better administering across our global networks.
• Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point to point circuits to MPLS circuits.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN
• Implement and configured VRRP/GLBP (on distro/core switching), HSRP on different location of office on the switched network and managing the entire multilayer switched network
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Managed and monitored Symantec Endpoint Security Manager. Installed Linux/Windows agents and Virus Scan Enterprise.
• Creating repeatable Infrastructure as Code using CloudFormation.
• Maintain good cloud security posture for all clients using AWS services (CloudTrail, Config).
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
• Responsible for managing activities, Upgrading IOS - Upgrading hardware and installing new devices, Tuning (Configuration), make standardization for the topology
• Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation.
• Routers, Switches, Firewalls, Ironport, Bluecat, Qradar, Waas, VMware, GCP's, ISE, F5 - Monitoring, Upgrade, Rules coding, Whitelisting, DNS Name creation.
• Good knowledge on Juniper SRX240, SRX220 and SRX550 series Firewalls.
• Involved in configuration of access-control lists on Juniper and Palo alto firewalls for proper network routing and B2B connectivity
• Regularly managed Citrix NetScaler for view, monitor and manage users, alerts, servers.
• Migration of existing IPSEC VPN tunnels from one Data Center to another Data Center, due to decom of existing Data Center, which involved working with Partner Companies.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Worked with Cisco and avaya networking systems with capability to configure and troubleshoot voice related hardware
• Plan, configure, and deploy voice gateways, CUCM, UCCX, and 10,000+ end points.
• F5 LTM: Configuration, Solution Designing and Managing F5 BIG IP LTM Load Balancer,
• Configured RSA SecurID to authenticate users accessing Citrix NetScaler Gateway-protected network resources.
• Creating VIPs, Creating Pools, and Associating Pools with VIPs, Creating Persistence Profile, SSL Profile, SSL Offloading, Creating iRules, designing with High Availability solution with Network Failover.
• Configuring IBM LOTUS Mail, VMWARE ZIMBRA Mail
• Implemented detailed monitoring of AWS cloud environment and notification using Cloud Watch and SNS
• Proficient use of scripting to maintain integrity by using SHELL, BASH commands virtualization

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900,9300,9500), Nexus (7K, 5K & 2K,9K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP,HSRP,VSS), ASA(5505, 5510), Load Balancers(F5), Symantec, PaloAlto Networks, IWAN,VIPTELA

Confidential, NJ

Network Engineer

Responsibilities:

• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Extracting the policies and contracts in an ACI fabric.
• Worked on ACI fabric node process crash troubleshooting.
• Documenting and Updating the changes to LAN/WAN Networks Architecture and Inventory in co-ordination with Asset and Tools Management Team Perform period usage and bandwidth utilization report
• Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backup paths for the packet prioritization and EIGRP tuning.
• Experience on a mesh 6500 and 5500 series routes and switches to support the core trading system. Involved.
• Recommend policy adjustments for Symantec DLP to streamline incident assessment process.
• Responsible for Symantec DLP Scanning of 1,000+Sharepoint Sites and File shares.
• Handling Broadband &Vsat
• Ethernets, Sub netting, VLAN, TCP/IP, VPN, OSI model, Access list and servers route.
• Responsible for planning, design, implementation, operation snd deployment of VMware NSX virtual network environment.
• End to End call flow testing of VoIP services which may require coordination with other teams (Domestic and International)
• SLA maintenance for the whole massDOT networks, routine brake-fix duties.
• Arrange, perform and analyze WireShark .
• This requires a strong knowledge of fiber to the home (FTTH) technologies, Fiber to the business, and architectures.
• Engineering team member responsible for provisioning VMware NSX virtual network.
• Execute Configuration changes on Cisco, Juniper and Broadcom network gear in a high volume production network environment.
• Configure, manage, and maintain security tools for DHHS including Palo Alto firewalls 3K, 5K, 7K, FirePOWER (Sourcefire), Bluecoat, FireEye.
• Report and analyze Change Management activities across the VoIP network
• Configured RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Monitor and respond to network intrusions and vulnerability alerts raised by automated detection systems, internal and external reports and manual investigation, using tools such as: Solar Winds Network Monitoring, Source Fire IDS, and Palo Alto Firewall Administration.
• Monitoring Resources and Applications using AWS Cloud Watch, including creating alarms to monitor metrics such as EBS, EC2, ELB, RDS, S3, and configured notifications for the alarms generated based on events defined.
• Experience in performing configuration, testing and implementation of Citrix NetScaler HA and LB.
• Configure voice gateways, and correct dial-peer issues, hunt groups/lists, and route patterns in CCM.
• Conflict identification, exception approvals, freeze administration and emergency requests for all changes hitting the VoIP network.
• Work on Next Generation Devices ASR Cisco 4451/4351/4451, Cisco ASA 5516/5525/5555- X with Fire power configuration and implementation.
• Installations, configuration and troubleshooting Cisco Router, Switches, Firewalls, Bluecoat and Wireless Controller.
• Developed security strategies and solutions for the organization to meet HIPAA and PCI/PII compliance
• Troubleshoot routing issues on Cisco 7600, 7200VXR and Juniper M320.
• This unique position has allowed me to Deploy, Implement and configure Nexus 7000, 5000 and 200 series switches, 2148T fabric extenders, Cisco 4500 modular switches with SUP6-E supervisors, Cisco 4948 switches, Cisco Wireless device and HP Pure Cure Switches and Wireless device Aironet.
• Provided address validation and geolocation, georeferencing and digitizing shape type files, map generation for engineers going into the field, and field data collection for vector points (utility poles)
• In designing data communications and networks utilizing that utilize a mixture of frame relay, point to point
• Administration of Checkpoint, Palo Alto and Juniper Firewalls at multiple properties.
• Support Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Security controls assessments, vulnerability assessment, audit, and risk assessment of cloud applications.
• Managed 2 dozen sites around the world as users accessed secure VPN networks via Citrix Netscaler devices
• Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router
• Configured OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding.
• Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
• Developed AWS Cloud Formation templates to create custom sized VPC, subnets, EC2 instances, ELB, Security Groups, DNS, F5 load balancer.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Handled Corporate and Review Audits from the perspective of IT Security for Network Devices and Servers under our control.
• Set up and configured a Cisco ASA 5506-X and Cisco FirePOWER network security services.
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Upgrades and backups of Cisco router configuration files to a TFTP server
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Involved in iRule management like loading rules, writing iRule syntax using TCL language
• Hands on Experience testing iRules using Browser(IE), HTTP watch
• Created engineering configuration, Security Standards, documenting processes and Network documentation using Microsoft Visio.
• Implemented the concept of Route Redistribution between different routing protocols
• Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet
• Involved in SNMP Network management. Worked on various scanning and Sniffing tools like Ethereal
• Implementing and maintaining backup schedules as per the company policy
• Experience working with Nexus 7010,7018, 5020, 2148, 2248 devices
• Experience working with High performance data center switch like nexus 7000 series
• Managing a TACACS server for VPN user authentication and network devices authentication
• Installed and configured the Cisco routers 2800 in two different customer locations. It includes coordinating with Verizon and AT&T in order to bring the serial interface up for T3 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE
• VLAN Configurations, troubleshooting and Firewall ACLs and Object-Groups configuration and support
• Performed Symantec DLP environments management and support configuration as well as data security environments used in testing and configuring client sites prior to installation.
• Configured IPSec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
• Taking Regular backups & testing the backups by restoring in test lab frequently.

Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E), Cisco ASA(5505, 5510) firewall, Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP,VSS), Site to Site VPN, Remote Access VPN, Cisco VPN 3000 Concentrator, Symantec, Cisco ACS 4.x, Load Balancers(F5), PaloAlto Networks.

Confidential

Network Administrator

Responsibilities:

• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Palo Alto App ID migration from the legacy based port rules for PA 5060, 7050.
• Experience with Synchronous Optical Networking (SONET) over optical fiber.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Enterprise System Hardware, Standalone, Rack Mounted and Blade Systems.
• Designing of the LAN network topology and configuring VLAN in layer3/2 switches.
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.
• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration
• Implementation of Citrix Netscaler MPX 7500/9500 in coordination with vendor forming centralized remote access location and pre-authentication policy.
• Monitored the cloud/VMware infrastructure using the monitoring tools like Cloud Watch, Splunk, Nagios.
• Analyze, support and configure client’s data and VoIP configurations.
• Configured RIP, OSPF and static routing on Juniper SRX routers.
• Good knowledge of CISCO firewalls, CISCO PIX and ASA 5500 series, Palo Alto Firewalls.
• Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Installing and Configuring NetScaler ADC 10.5/11.0/11.1.
• Configuring NetScaler Gateway on VPX/SDX instance.
• Experience in customizing Receiver for web in Citrix and NetScaler Login pages.
• Hands on experience on creating and cloning Virtual machines.
• Experience in configuring HA for NetScaler instances.
• Installation, Configuration and troubleshooting Cisco switches and Firewall on multi mode context based environments
• Build and release of Cloud based products containing Linux and Windows environments, using Power Shell and Python Scripting.
• Implemented various OSPF scenarios on networks consisting of 7600 routers.
• Configured policy based routing for BGP for complex network systems.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.
• Provide support and services to resolve network issues for all wholesalers and network users which includes Voice Over Internet Protocol (VoIP), (devices; MGCP/SIP), DSL Internet, Cable internet and intranet websites.
• Installed and configured two ASA 5505 in customer locations. In addition to that, two PIX firewall configured for the Guest access
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Tuned BGP internal and external peers with manipulation of attributes such as metric, origin and local Preference.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Scripting experience with Perl.
• Good knowledge on Intrusion Detection and Intrusion Prevention System.
• Troubleshoot and Worked with Security issues related to Cisco ASA, IDS/IPS.
• Router/ Microsoft VPN Server in order to access certain limited network resources from customer locations
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Provided Tier 2 level of escalation for Tier 1 VoIP Team by supporting Business and Residential Customers.
• Deploying multi-stack software builds to various environments (VMs, Cloud instances, etc.) using automation tool Ansible minimizing downtime.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Microsoft active directory service (working on users and domains) virtualization environment
• Support data center migration efforts analyzing current rules using Tufin and Palo Alto Panorama.
• Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-500, PA-3060, PA-5060, PA-7050, PA-7080.

Environment: In Corporate office architecture with highly reliable & secured network including Cisco routers(7200,3800,2800), Cisco switches(4900,2900,9300,9500), Cisco ASA Firewall(5510), Routing Protocols(EIGRP, RIP, BGP), Switching protocols(VTP,STP,GLBP), Palo Alto Networks